Phishing is a type of fraudulent attempt to obtain sensitive information, such as user credentials for online access, personal information, or financial information. For example, an electronic message containing a link to a fake website may be sent to a victim, causing the victim to follow the link to the fake website, which appears to be the legitimate website because of its apparent similarity to it. When the user mistakenly signs in at the fake website using the credentials for the legitimate website and/or provides sensitive information under the false impression of interacting with the legitimate website, the fake website harvests the user credentials for the legitimate website (e.g., username and password) and/or other sensitive information (e.g., credit card numbers, personal information).
Phishing can be carried out through email spoofing, where a phishing email contains a forged sender address, causing the recipient to mistakenly trust the email and click on the links provided in it to visit a phishing site. For example, the header of an email message can include a “from” field identifying a name and/or the email address from which the email message is sent. A typical email message is delivered without verification that the information provided in the “from” field is correct. Similarly, the header of an email message can include a “reply-to” field identifying a name and/or the email address to which a reply to the email message is to be sent. An email message is likewise typically delivered without verification that the information provided in the “reply-to” field is correct. Thus, a phishing email may be configured to appear to come from a sender that the recipient would trust.
Sender Policy Framework (SPF) is an email authentication system designed to detect some forged sender addresses. For example, the computers that are authorized to send email on behalf of a domain can be listed in that domain's domain name system (DNS) records. Thus, a receiving mail server can verify the SPF information and reject or flag email arriving from unauthorized sources before accepting it.
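As an added illustration of the header fields and the SPF check described above (example code written for this page, not part of the original text), the following Python script parses a constructed message, compares the domains in its From, Reply-To and Return-Path fields, and evaluates the envelope sender (Return-Path) against an in-memory stand-in for the domain's SPF DNS record. The SPF_POLICY table, the sample message and the connecting client IP are all constructed assumptions; a real check would query DNS and handle the full set of SPF mechanisms, and SPF itself only covers the envelope sender, which is why the script separately reports when the visible From or Reply-To domain does not align with it.

```python
"""Added example (not from the original text): consistency and SPF checks on
the sender-related header fields of an email message.

Assumptions (constructed for this example): DNS is replaced by the in-memory
SPF_POLICY table so the script runs offline, and the connecting server's IP
is passed in by the caller as a receiving mail server would know it.
"""
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Constructed stand-in for SPF TXT records such as "v=spf1 ip4:192.0.2.0/24 -all".
SPF_POLICY = {
    "example.com": ["192.0.2.0/24", "198.51.100.10"],
}

# Constructed sample message: From and Return-Path agree, but Reply-To points
# at a different domain, which is the pattern the text describes.
SAMPLE_MESSAGE = """\
Return-Path: <support@example.com>
From: "Example Support" <support@example.com>
Reply-To: <help@example-support.example.org>
To: <victim@example.org>
Subject: Please verify your account

Please sign in at the link below.
"""


def address_domain(header_value):
    """Return the lowercase domain of an address header, or None if absent."""
    _, addr = parseaddr(header_value or "")
    if "@" not in addr:
        return None
    return addr.rsplit("@", 1)[1].lower()


def spf_check(domain, client_ip):
    """Return 'pass', 'fail' or 'none' for client_ip under the domain's policy.

    Only ip4/ip6 networks followed by an implicit '-all' are modelled; real SPF
    also has a, mx, include and softfail (~all) mechanisms.
    """
    networks = SPF_POLICY.get(domain)
    if networks is None:
        return "none"  # no policy published for this domain
    ip = ipaddress.ip_address(client_ip)
    for net in networks:
        if ip in ipaddress.ip_network(net, strict=False):
            return "pass"
    return "fail"


def analyze_headers(raw_message, client_ip):
    """Report domain alignment between From, Reply-To and Return-Path, plus SPF."""
    msg = message_from_string(raw_message)
    from_domain = address_domain(msg["From"])
    reply_domain = address_domain(msg["Reply-To"])
    envelope_domain = address_domain(msg["Return-Path"])
    findings = []
    if reply_domain and reply_domain != from_domain:
        findings.append("reply-to domain differs from from domain")
    if envelope_domain and envelope_domain != from_domain:
        findings.append("envelope sender domain differs from from domain")
    # SPF is evaluated on the envelope sender, not on the visible From field.
    spf_result = spf_check(envelope_domain, client_ip)
    if spf_result == "fail":
        findings.append("spf fail for envelope sender domain")
    return {
        "from_domain": from_domain,
        "reply_to_domain": reply_domain,
        "envelope_domain": envelope_domain,
        "spf": spf_result,
        "findings": findings,
    }


if __name__ == "__main__":
    # 203.0.113.5 is a constructed client address outside the published range.
    for key, value in analyze_headers(SAMPLE_MESSAGE, "203.0.113.5").items():
        print(f"{key}: {value}")
```

Running the script with the constructed client address reports an SPF fail and the Reply-To mismatch; running it with an address inside 192.0.2.0/24 reports an SPF pass but still flags the Reply-To domain, showing why header alignment is checked in addition to SPF.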
Some techniques have been developed to prevent phishing attacks.
For example, a list of known phishing sites can be stored and checked against websites to be visited by a user. A warning message can be displayed when a browser is attempting to visit a known phishing site.
For example, a DNS server can be configured to filter out known phishing domains.
For example, a spam filter can be implemented in an email system to reduce phishing emails.
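The list-of-known-phishing-sites check mentioned above is only as good as the normalization applied before the lookup. As an added example (written for this page, not part of the original text), the following Python code reduces a URL to a canonical hostname before consulting a constructed blocklist, so that case differences, embedded user info, explicit ports, trailing dots and internationalized labels do not let a listed site slip past the check, and so that subdomains of a listed site are also caught. The KNOWN_PHISHING_HOSTS entries are constructed placeholders.

```python
"""Added example (not from the original text): URL normalization in front of a
known-phishing-site list.

Assumption: KNOWN_PHISHING_HOSTS is a constructed in-memory list standing in
for whatever feed a browser or DNS filter would actually consult.
"""
from urllib.parse import urlsplit

# Constructed placeholder entries; ".test" is reserved and never resolves.
KNOWN_PHISHING_HOSTS = {
    "login-example.test",
    "accounts.example-verify.test",
}


def normalize_host(url):
    """Return the canonical ASCII hostname of a URL, or None if it has none.

    urlsplit().hostname already lowercases and strips userinfo and port; the
    trailing-dot and IDNA steps make lookups against an ASCII list consistent.
    """
    if "://" not in url:
        url = "http://" + url  # bare hostnames typed by a user
    host = urlsplit(url).hostname
    if not host:
        return None
    host = host.rstrip(".")
    try:
        return host.encode("idna").decode("ascii")
    except UnicodeError:
        return None


def is_known_phishing(url):
    """True if the URL's host, or any parent domain of it, is on the list.

    The bare top-level label is never checked, so "test" alone cannot match.
    """
    host = normalize_host(url)
    if host is None:
        return False
    labels = host.split(".")
    for start in range(len(labels) - 1):
        if ".".join(labels[start:]) in KNOWN_PHISHING_HOSTS:
            return True
    return False


if __name__ == "__main__":
    for candidate in (
        "HTTPS://user@Login-Example.test:8443/signin",
        "https://www.login-example.test./",
        "https://login-example.test.example.test/",
        "https://example.test/",
    ):
        print(f"{candidate} -> {is_known_phishing(candidate)}")
```

The third candidate shows the limit of a parent-domain match: a listed name appearing as a prefix of a longer, unlisted registrable domain does not match, so the list entry must name the actual registrable domain of the site being blocked.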